Permit, deny, Mac acl) – Microsens MS453490M Management Guide User Manual

C

HAPTER

26

| Access Control Lists

MAC ACLs

– 691 –

◆

To remove a rule, use the no permit or no deny command followed by

the exact text of a previously configured rule.

◆

An ACL can contain up to 128 rules.

E

XAMPLE

Console(config)#access-list mac jerry

Console(config-mac-acl)#

R

ELATED

C

OMMANDS

permit, deny (691)

mac access-group (693)

show mac access-list (694)

permit, deny

(MAC ACL)

This command adds a rule to a MAC ACL. The rule filters packets matching

a specified MAC source or destination address (i.e., physical layer address),

or Ethernet protocol type. Use the no form to remove a rule.

S

YNTAX

{permit | deny}

{any | host source | source address-bitmask}

{any | host destination | destination address-bitmask}

[vid vid vid-bitmask] [ethertype protocol [protocol-bitmask]]

[time-range time-range-name]

no {permit | deny}

{any | host source | source address-bitmask}

{any | host destination | destination address-bitmask}

[vid vid vid-bitmask] [ethertype protocol [protocol-bitmask]]

N

OTE

:

The default is for Ethernet II packets.

{permit | deny} tagged-eth2

{any | host source | source address-bitmask}

{any | host destination | destination address-bitmask}

[vid vid vid-bitmask] [ethertype protocol [protocol-bitmask]]

[time-range time-range-name]

no {permit | deny} tagged-eth2

{any | host source | source address-bitmask}

{any | host destination | destination address-bitmask}

[vid vid vid-bitmask] [ethertype protocol [protocol-bitmask]]

{permit | deny} untagged-eth2

{any | host source | source address-bitmask}

{any | host destination | destination address-bitmask}

[ethertype protocol [protocol-bitmask]]

[time-range time-range-name]